Operational planning

Operational planning

The objective of operational planning is to define specific migration and adaptation scenarios and to identify the steps to be taken to implement the strategic plan.

Cloud.Sec uses a methodology and standards defined by the Cloud Security Alliance (CSA) as part of defining What? When? How? to migrate to cloud. Cloud Security Alliance is the world’s leading organization focused on defining and raising awareness of best practices to ensure a secure cloud environment.

As part of operational planning of Microsoft cloud implementation, analysis and company workshops will be performed, taking into consideration the following areas:

  • Compliance. Confirmation of compliance of the use of the public cloud with applicable laws and obligations towards business partners
  • Implementation Scenarios. Definition of business scenarios for using the public cloud:
    • Scope of hardware resources migrated to the cloud
    • Scope of applications migrated to the cloud
    • Scope of data transferred to the cloud
    • Scope of data made available from the cloud
    • Rules od access to cloud resources
    • Authentication method
    • Authorized people, resources to process data in the cloud
    • Authorized usage of cloud resources
  • Scope. Scope of business processes / business activities migrated to the cloud
  • Security. Design of the relevant security model for business process groups running in the cloud. Determination of the required level of security for individual processes and activities transferred to the cloud
  • Cloud Service Provider. Identification of a cloud service provider (CSP) capable of meeting functional and security requirements
  • Shared responsibilities. Identification of the required security measures to be implemented and share of responsibilities between the CSP and the cloud user
  • Planning under control. Close cooperation with the CSP in the planning of implementation appropriate securities, controls and integration with already on place security tools
  • Automation. Standardization, security automation, analysis of whether cloud-based security can be standardized with the rest of your organization
  • Security roadmap. Securities and controls implementation plan
  • Governance. Implementation of cloud security management framework across company
  • Security. Implementation of securities